ISACA CISM: One of World’s Best Security Credentials

When it comes to security certifications, most of us think about CompTIA Security+, CEH, CCNP SEcurity, and CISSP, right? Yet, there are more awesome security credentials that can help you stand out from other candidates during your next job search. ISACA’s CISM (The Certified Information Security Manager) is one of them

But First, What is ISACA?

In case you’re wondering, ISACA stands for Information Systems Audit and Control Association. This is an international professional association focused on IT Governance. The organization was created in the United States back in 1967. That year, a group of individuals working on auditing controls in computer systems started to become increasingly critical of the operations of their organizations. They identified a need for a centralized source of information and guidance in the field. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge of and value accorded to the fields of governance and control of information technology. The association became the Information Systems Audit and Control Association in 1994.

ISACA specifically targets IT professionals interested in the highest quality standards with respect to audit, control and security of information systems. The CISM certification holders demonstrate in-depth skills in security risk management, program development and management, governance, and incident management and response.

The CISM Credential and Certification Process

The Certified Information Security Manager (CISM) is ISACA’s flagship credential. This is a top certification for IT professionals involved in managing, developing and overseeing information security systems in enterprise-level applications, or who work on developing best organizational security practices. The CISM credential was introduced to security professionals in 2003 and has remained in high demand ever since.

Developed with experienced security professionals in mind, CISM certification sets new standards for IT security. To achieve this credential, candidates must agree to ISACA’s Code of Professional Ethics and pass a challenging certification exam. Furthermore, they are required to have a minimum of five years of proven security experience, comply with the Continuing Education Policy and submit a written application. Please note that some combinations of education and experience may be substituted to meet the experience requirement – check ISACA website for more information on this.

CISM Certification Prerequisites. To obtain the CISM credential, you must:

• Pass the CISM exam.
• Agree to the ISACA Code of Professional Ethics.
• Possess a minimum of five years of information security work experience, including at least three years of work experience in information security management in three or more of the job practice analysis areas. Experience must be verifiable and obtained in the preceding 10-year period prior to the application date or within five years after passing the exam. There are some exceptions to this requirement depending on current credentials held.
• Submit an application for CISM certification (processing fee is $50.) Credential must be obtained within five years of passing the exam.
• Agree to the CISM Continuing Education Policy.

CISM Exam Cost

ISACA members who register early pay $440 for the exam; non-members pay $625 for early registration. Regular registration fee for members is $490 and for non-members is $675. The CISM credential is valid for three years, and credential holders must pay an annual maintenance fee of $45 (ISACA members) or $85 (non-members). Credential holders are also required to obtain a minimum of 120 continuing professional education (CPE) credits over the three-year term to maintain the credential. At least 20 CPEs must be earned every year.

ISACA Certification Program

In addition to the CISM, ISACA offers numerous other certifications for those interested in information security and best practices. Other credentials worth considering include:

• Certified Information Systems Auditor (CISA) – for professionals working with information systems auditing, control or security.
• Certified in the Governance of Enterprise IT (CGEIT) – targets IT professionals working in enterprise IT management, governance, strategic alignment, value delivery and risk, resource and performance management.
• Certified in Risk and Information Systems Control certification (CRISC) – IT professionals seeking careers in all aspects of risk management

Interested in ISACA exams? Visit ExamCollection to find latest exam preparation materials.

• Category: other
• Tags: announcements, ceh, certification, cism, exam, exams, isaca, it, it certification, it courses, it exam, it security, learning, security